This is the documentation for Wazuh 3.0. Check out the docs for the latest version of Wazuh!

What is VirusTotal

VirusTotal is an online service that analyzes files and URLs enabling the detection of viruses, worms, trojans and other kinds of malicious content using antivirus engines and website scanners. It also can be used to detect false positives.

VirusTotal is a free service with numerous features that make its use very interesting, for our purpose we can highlight the following:

  • VirusTotal stores all the analyses it performs, this means that we can search for a report using the hash of the file that we are interested in. In other words, sending that hash to the VirusTotal engine we can find out if that file has been scanned by VirusTotal and analyze its report.
  • On the other hand, VirusTotal provides an API that allows us to access the information generated by VirusTotal without the need of using the HTML website interface. This API is subjected to its Terms of Service, which are discussed in the following section.